Last week’s measures of support for businesses and individuals impacted by COVID-19 have been widely welcomed. As pharmacy faces challenges of social distancing, isolation, supply shortages, and customer anxiety accompanying COVID-19, this is a timely reminder that cyber-criminals are using this turbulent period to target businesses.
The last thing you need in the middle of a public health crisis is to lose access to your patient data. Stay alert to cyber-attacks and especially the increase in COVID-19 themed ransomware attacks.
Ransomware is software that attempts to lock your business information (e.g. patient data) so that you have to pay to regain access to it. It is commonly triggered by clicking on a link in a phishing email, which downloads software that infects and encrypts your files, computer or network. You then receive a message saying that your files have been encrypted and setting out payment terms if you want to retrieve your information.
If you get to this stage, it is too late. It is vital that you do not put yourself in a position where you have to negotiate to regain access to your data. The focus needs to be on protecting yourself and your pharmacy.
Whilst not all attacks will be the size of WannaCry, which locked 200,000 PCs and sparked panic across 150 countries in 2017, ransomware attacks are common. Every 14 seconds, somebody, somewhere around the world, becomes a victim of ransomware. In 2019, these attacks cost Australian businesses and the public sector between $60 million and $241 million.1 In Australia, small and medium businesses would commonly be asked to pay a ransom of $10,000 or more, whilst at the other end of the scale, the largest known single ransom paid was $1M USD in 2017.
The ransom amount depends upon:
- The importance and value of your data
- Your capacity to pay
Best practice advice is that you never pay the ransom or negotiate with cyber-criminals as this encourages more attacks.
No business wants to contemplate paying a ransom on their data. Instead, make sure that you have systems in place to protect your information and ensure that you recover quickly if there is an attack.
How do I protect against ransomware?
The most important steps to protect against a ransomware attack are:
- Be alert to phishing emails, especially COVID-19 related scams, and NEVER click on a link unless you are absolutely sure
- Be sure your backup is:
  - Up to date
  - Secure (encrypted at rest and in transit)
  - In three different locations:
    - The original source (live production database)
    - Local backup on another device
    - Offsite in the cloud
- If you use a remote access tool, ensure the passwords are complex and multi-factor authentication is enabled
- Keep all software and hardware patched and up to date
- Have cyber security tools and technology in place
What happens if I fall victim to ransomware?
Speed matters. Immediately:
- Disconnect the infected PC from the network and disable Wi-Fi or unplug the network cable
- Contact your IT provider as soon as possible.
Investing in cyber security is important. Always contact your IT provider for specific advice.
Andrew McManus is General Manager, Managed Services at Fred IT Group.